[fix][broker] Let TokenAuthState update authenticationDataSource

[michaeljmarshall]

Motivation

We use the result of TokenAuthenticationState#getAuthDataSource to pass to the AuthorizationProvider. For custom implementations, it is important that this information is up to date.

The TokenAuthenticationState field AuthenticationDataSource is set on initialization and never again. Given that tokens can be refreshed, we should update the field TokenAuthenticationState#authenticationDataSource when the authenticate method is called.

Modifications

• Update the authenticationDataSource when authenticate is called.

Verifying this change

A new test is added to cover this change.

Does this pull request potentially affect one of the following parts:

This change will only affect third party AuthorizationProvider implementations. It's possible that it could break their integration, though unlikely. Note that we update the authRole when authenticate is called.

Documentation

• doc-not-needed

We do not document this kind of internal behavior anywhere.

Matching PR in forked repository

PR in forked repository: michaeljmarshall#15

[eolivelli]

Lgtm

[lhotari]

Are there any thread safety concerns here? would it make sense to make authenticationDataSource field volatile?

[michaeljmarshall]

Good question. The current usage of this field in the pulsar code base is all from netty event loops, so I don't think that is needed. Similarly, the jwt and the expiration are not volatile. I see that expiration is called from another thread, so that one might be an issue.

[nodece]

LGTM

[codecov-commenter]

Codecov Report

Merging #19282 (c39a89b) into master (334c3a5) will increase coverage by 5.58%.
The diff coverage is 39.04%.

@@             Coverage Diff              @@
##             master   #19282      +/-   ##
============================================
+ Coverage     47.04%   52.62%   +5.58%     
- Complexity     9190    22238   +13048     
============================================
  Files           607     1824    +1217     
  Lines         57677   136692   +79015     
  Branches       6007    15044    +9037     
============================================
+ Hits          27132    71939   +44807     
- Misses        27598    57271   +29673     
- Partials       2947     7482    +4535     

Flag	Coverage Δ
inttests	22.44% <10.63%> (?)
systests	25.03% <7.09%> (?)
unittests	46.74% <36.21%> (-0.30%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files	Coverage Δ
...org/apache/pulsar/broker/ServiceConfiguration.java	98.27% <0.00%> (ø)
.../broker/authentication/AuthenticationProvider.java	7.14% <0.00%> (ø)
.../org/apache/pulsar/broker/admin/AdminResource.java	69.37% <ø> (+5.59%)	⬆️
...rg/apache/pulsar/broker/delayed/bucket/Bucket.java	0.00% <0.00%> (ø)
...r/delayed/bucket/BucketDelayedDeliveryTracker.java	0.00% <0.00%> (ø)
...layed/bucket/CombinedSegmentDelayedIndexQueue.java	0.00% <0.00%> (ø)
...ulsar/broker/delayed/bucket/DelayedIndexQueue.java	0.00% <0.00%> (ø)
.../pulsar/broker/delayed/bucket/ImmutableBucket.java	0.00% <0.00%> (ø)
...he/pulsar/broker/delayed/bucket/MutableBucket.java	0.00% <0.00%> (ø)
...ed/bucket/TripleLongPriorityDelayedIndexQueue.java	0.00% <0.00%> (ø)
... and 1395 more